An off-by-one error was discovered in the PyLocale_strxfrm function
in Python 2.4 and 2.5 that could allow context-dependent attackers
the ability to read portions of memory via special manipulations that
trigger a buffer over-read due to missing null termination.